arusa
commented
6 months ago We need to add options to configure authenticity_token and update the form. Maybe we also need CSRF for json? https://sinatrarb.com/protection/json_csrf https://github.com/sinatra/sinatra/blob/main/rack-protection/lib/rack/protection/json_csrf.rb
Not yet ready. authenticity_token is enabled, but now everything is forbidden (even the start page)
Docs: